You are viewing this forum as a guest. Login to an existing account, or create a new account, to reply to topics and to create new topics.
Does the current PayPal Gateway comply with these 2016/17 Updates?:
PayPal is in the process of upgrading the SSL certificates used to secure our web sites and API endpoints. These new certificates will be signed using the SHA-256 algorithm and VeriSign's 2048-bit G5 Root Certificate. You will need to ensure that your environment supports the use of the SHA-256 signing algorithm and discontinue the use of SSL connections that rely on the VeriSign G2 Root Certificate.
PayPal is upgrading the protocols used to secure all external connections made to our systems. Transport Layer Security version 1.2 (TLS 1.2) and Hypertext Transfer Protocol version 1.1 (HTTP/1.1) will become mandatory for communication with PayPal in 2017. You will need to verify that your environment supports TLS 1.2 and HTTP/1.1, and if necessary make appropriate updates.
If you are using PayPal’s Instant Payment Notification (IPN) service, you will need to ensure that HTTPS is used when posting the message back to PayPal for verification. HTTP postbacks will no longer be supported.
PayPal will no longer support the use of the GET HTTP request method for our classic NVP/SOAP APIs. If you currently use any of these APIs, you will need to ensure that your API requests only use the POST HTTP request method
The API certificate credentials issued by PayPal for use with the Classic API are being upgraded to SHA-256 signed 2048-bit certificates. If you currently connect to PayPal using API certificate credentials, you will need to generate a new API certificate via your account profile and use it for all API requests.
See : https://www.paypal-knowledge.com/infoce … cale=en_US
Thanks
Offline
Great. Many thanks.
Offline